[155012] in North American Network Operators' Group
Re: using "reserved" IPv6 space
daemon@ATHENA.MIT.EDU (Stephen Sprunk)
Thu Jul 19 13:49:36 2012
Date: Thu, 19 Jul 2012 12:47:52 -0500
From: Stephen Sprunk <stephen@sprunk.org>
To: nanog@nanog.org
In-Reply-To: <20120719124715.B24CB22BDCA1@drugs.dv.isc.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
This is a cryptographically signed message in MIME format.
--------------ms020805050105050108030104
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
On 19-Jul-12 07:47, Mark Andrews wrote:
> In message <CAAAwwbXh1wS_9aX4FwGrqmSBJmKGJ0nWHRi9EN53HtL36VhSSg@mail.gm=
ail.com>, Jimmy Hess writes:
>> When numbers are selected by choosing a random value; certain ratios o=
f bits set to "1" are more likely to occur than other ratios of bits set =
to "1".
>>
>> A random generator that is operating correctly, is much more likely to=
emit a number with 50% of the bits set to 1, than it is to emit a numb=
er with 0% of the bits set to 1, given a sufficient number of bits. If =
the ratio is inconsistent by a sufficient margin, and your sample of the =
bits is large enough in number, you can show with high confidence that =
the number is not random; a 1 in 10 billion chance of the number being=
randomly generated, would be pretty convincing, for example.
> Actually you can't.
>
> fdaa:aaaa:aaaa has 20/20 0/1 bits but is entirely non random.
> fdf0:f0f0:f0f0 has 20/20 0/1 bits but is entirely non random.
>
> The ratio of the number of bits doesn't tell you anything about whether=
> the number was random or not.
He oversimplified the real entropy test, which covers those cases.
For a sufficiently long stream of random bits, there should be twice as
many runs of length 1 as runs of length 2, twice as many runs of length
2 as runs of length 3, etc. And for each length, they should be evenly
divided between runs of 0s and runs of 1s.
Of course, 40 bits is nowhere near "sufficiently long", but you can
score the entropy and set a lower bound for acceptability. The two
examples above would get very low entropy scores, far below any sensible
lower bound.
>> That is extremely improbable. If you generate a million ULA IDs a day=
, every day, it is expected to be over 1000 years before you generate one=
of those two.
> improbable !=3D impossible
All RFC 4193 ever claimed to offer was improbability. If that's not
good enough, get a GUA from your RIR.
S
--=20
Stephen Sprunk "God does not play dice." --Albert Einstein
CCIE #3723 "God is an inveterate gambler, and He throws the
K5SSS dice at every possible opportunity." --Stephen Hawking
--------------ms020805050105050108030104
Content-Type: application/pkcs7-signature; name="smime.p7s"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.p7s"
Content-Description: S/MIME Cryptographic Signature
MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIFNjCC
BTIwggMaoAMCAQICAwuIVDANBgkqhkiG9w0BAQUFADB5MRAwDgYDVQQKEwdSb290IENBMR4w
HAYDVQQLExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNBIENlcnQgU2lnbmlu
ZyBBdXRob3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRAY2FjZXJ0Lm9yZzAeFw0xMjAz
MjcxOTQ4NTdaFw0xMjA5MjMxOTQ4NTdaMD0xGDAWBgNVBAMTD0NBY2VydCBXb1QgVXNlcjEh
MB8GCSqGSIb3DQEJARYSc3RlcGhlbkBzcHJ1bmsub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOC
AQ8AMIIBCgKCAQEA1qAUmWE5Nv/9HFl7f52VrEoGqhbYG1rPE7go13pSxgUBi02iDNKyDTJH
b/CswpO/FE9p34QbUlnOXY3LRrLh+/NaS496breDA8mRKCceNHIPaiK3Mwpl0q787WQalrp9
mBV2jKHobOMOWbtNiuYSq6k4qfqIvFJvGOsgizcqeMjjLyR8GimjGCQYuH2o970PhlNidpAj
mVMCBehc3RhjmevEn4ydIL7j0bmFj9YuLxaoISq6icdh7VFxqAzdEbHhQHKp1N8aNq5yhcWD
M//Bq8MpMd1+zNse/pVc7/42G5iArYkImUbu/P48PgR8ZX9D59hJxP7kRyKVT9dbTNkh4wID
AQABo4H+MIH7MAwGA1UdEwEB/wQCMAAwVgYJYIZIAYb4QgENBEkWR1RvIGdldCB5b3VyIG93
biBjZXJ0aWZpY2F0ZSBmb3IgRlJFRSBoZWFkIG92ZXIgdG8gaHR0cDovL3d3dy5DQWNlcnQu
b3JnMEAGA1UdJQQ5MDcGCCsGAQUFBwMEBggrBgEFBQcDAgYKKwYBBAGCNwoDBAYKKwYBBAGC
NwoDAwYJYIZIAYb4QgQBMDIGCCsGAQUFBwEBBCYwJDAiBggrBgEFBQcwAYYWaHR0cDovL29j
c3AuY2FjZXJ0Lm9yZzAdBgNVHREEFjAUgRJzdGVwaGVuQHNwcnVuay5vcmcwDQYJKoZIhvcN
AQEFBQADggIBAD8tqTvu2ZrBGK01AFSzf0BYcYNXMRwK8XqWQpeJwo2+s+GSsrukNEEn2mNn
RLIF879e/7dmLoCVKkWXqhn/L9BdWTquRHuAQqokyddekrKFP7yNabXUOVD4dxkzgGc/pD70
7uj5pfIAqx7/JYUPdCgWtX91gtxN3CVmUUAKcewA/xXJy1VPZVR3q6aP9K/4x4Qir06xVtZm
BApKc4s5zaD8b8CLxFhKDw/NUymby1OKjSS7h5JhPsdOOqm6JeGHKRhL3tGFv5ObUTK4ABz8
LF2rtpx/h+eRMP0CxQaI50fz8H0fDMBo4ztsdEAmp9lh0F9CyCYAkt3qLhXFDvX2lOGqmB4f
4Q4/atUCqZnUA/4hZGC0PKgwTOSztFvPlAGtb/S7NeAhv3x6HTMsIP+yanB8/HBJtZXariH3
D2fpUibEFCPubaVSciPKEpI/Lv+BtQ7FmsbQqTV+iHovbQYZ/UcFtfjIcBCnQJjGmk3V5nsE
0p+Aw/IiHUoYwZD+TjaaBBGNJnFaQosQtwy44jwURIb+Lb1/ditqIlXobV9ShzAApuHc3g9R
CPjrmVlEDaLaG/82L92QqE84CrUfUWNqMqtDskQtizkD1ju8sfH9NJHLYolpbUlPJrWCW/8z
Cl25O3uLZMn8gc6egClBfIm+jGZuSQ9sohcX4hw1jg7wK1guMYIDlDCCA5ACAQEwgYAweTEQ
MA4GA1UEChMHUm9vdCBDQTEeMBwGA1UECxMVaHR0cDovL3d3dy5jYWNlcnQub3JnMSIwIAYD
VQQDExlDQSBDZXJ0IFNpZ25pbmcgQXV0aG9yaXR5MSEwHwYJKoZIhvcNAQkBFhJzdXBwb3J0
QGNhY2VydC5vcmcCAwuIVDAJBgUrDgMCGgUAoIIB6DAYBgkqhkiG9w0BCQMxCwYJKoZIhvcN
AQcBMBwGCSqGSIb3DQEJBTEPFw0xMjA3MTkxNzQ3NTJaMCMGCSqGSIb3DQEJBDEWBBQLZDJu
VDgIJUSLv+hOPCbeUrtfRzBfBgkqhkiG9w0BCQ8xUjBQMAsGCWCGSAFlAwQBAjAKBggqhkiG
9w0DBzAOBggqhkiG9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZIhvcN
AwICASgwgZEGCSsGAQQBgjcQBDGBgzCBgDB5MRAwDgYDVQQKEwdSb290IENBMR4wHAYDVQQL
ExVodHRwOi8vd3d3LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNBIENlcnQgU2lnbmluZyBBdXRo
b3JpdHkxITAfBgkqhkiG9w0BCQEWEnN1cHBvcnRAY2FjZXJ0Lm9yZwIDC4hUMIGTBgsqhkiG
9w0BCRACCzGBg6CBgDB5MRAwDgYDVQQKEwdSb290IENBMR4wHAYDVQQLExVodHRwOi8vd3d3
LmNhY2VydC5vcmcxIjAgBgNVBAMTGUNBIENlcnQgU2lnbmluZyBBdXRob3JpdHkxITAfBgkq
hkiG9w0BCQEWEnN1cHBvcnRAY2FjZXJ0Lm9yZwIDC4hUMA0GCSqGSIb3DQEBAQUABIIBAIH+
pPXqU0vuFEoqCrcKiKyGhwKX3gHS9aIW3ukPVrVKTo48L+MB0fyDPglsMlVBtGhY+ApJ57oR
RIInsSGvp9Me5LgBodUpQackjKLl9TakeXZNAm5gEQo3o85dMr5B5Eq65xWmUwYKyYKdyPUZ
Af9I9sUuFYhLzCx54iN7iH5oEXEwTMFLlBmft1zMdLQd2MpGx98l4wVXnjJcNieECHPl3ImT
WbUuR5qV/m3B9W9/jKYkFRAROPqMxy1Ru/CtVSkad1nCSYVdQH6ZLdQom+EOGvV9KYJrqAnC
iCLA/AIWwehscMfdz8pj0l6RoxUu03qs2rUmkp8B9w4NPHRHanIAAAAAAAA=
--------------ms020805050105050108030104--
